2 Step Authentication for Faculty and Staff

  • What is 2 Step Authentication?

    2 Step Authentication or 2 Factor Authentication is an industry standard that adds a second layer of security to help prevent anyone other than you from accessing your sensitive information. This is accomplished using two types of authentication to verify your identity when logging into a system - something you know (username\password) and something you have (phone or a token).

  • Why is 2 Step Authentication important?

    Passwords can be stolen or compromised through Phishing, Cracking, Guessing, or Malware. Here at Kutztown we have seen a sharp rise on the number of attempts to steal user credentials over the last few years.  Stolen credentials are often used access and acquire data, send out SPAM, and to trick others by sending email from a trusted account.

  • How can 2 Step Authentication be applied?

    2 Step Authentication can be used in any scenario (internal or external) where an additional layer of protection and security against compromised credentials is required. Based on the policy options in the provider we select, KUIT will work to balance security with availability.

  • How long does it take to set up?

    Setting up 2 Step Authentication for the first time only takes a 2-3 minutes.

  • What options are available for 2 Step Authentication?

    Push Notification on a mobile app
    Text Message (SMS)
    Phone Call
    Hardware Token

    There are a variety of options available that cover a number of scenarios for 2 Step Authentication.  KU IT recommends the DUO Security App as the easiest and quickest way to verify your account.  This app works well in areas that do not provide good cellular or wireless service. 

  • Do I need a smartphone?

    No, Txt messages, Phone Calls and Hardware Tokens will all work without a smartphone.

  • Using 2 Step Authentication when you do not have a good cell phone signal or wifi

    If you have wifi, but no cellular signal, the DUO Mobile App Push Notifications work great.  If there is no wifi or cellular signal, using DUO Mobile App Passcodes also works.

  • Will I need to use 2 Step Authentication every time I login?

    2 Step Authentication Policies will be developed to balance the safety and security of the University with availability to University resources. Depending on the type of resources you are accessing and your location, 2 Step Authentication may only need to be used occasionally.

  • Hardware Tokens

    If you would like to learn more about hardware tokens, please contact the KU IT Help Center.

  • How do I enroll?

    Faculty and Staff can enroll now at https://app.kutztown.edu/2sa

  • KU IT recommends setting up PIN, Swipe, or Biometrics to login to your phone

    Use the built-in security features on your phone to protect access to your 2nd factor in case your phone gets lost or stolen.

  • How can Faculty and Staff change or add a 2 Step Authentication option?

    When logging into a 2 Step protected resource, select “Add a new device” to add an additional 2 Step Authentication Device.  To update your 2 Step Auth Device, select “My Settings & Devices”.  You will be required to perform 2 Step Auth to proceed.

  • What happens if the Duo Mobile App gets uninstalled?

    Go to the iPhone App Store or the Google Play Store to reinstall the Duo Mobile App.  Follow the How can Faculty and Staff change or add a 2 Step Authentication and use the Call Me or Passcode option to login and set up the Duo Mobile App again.  If you run into problems, contact KU IT Help Center for help getting your phone reenrolled.

  • What if the phone is broken or needs to be replaced?

    KU IT Help Center can help you bypass 2 Step Authentication or issue a temporary security token until your phone is replaced.

  • What if a phone is stolen?

    If your phone is missing or stolen, contact the KU IT Help Center immediately.  Your phone can be removed and temporary access can be granted until the phone is replaced.

  • What if I am traveling out of the country?

    The Duo Mobile App provides 6-digit passcodes that work while you are in areas that have little or no connectivity. If a smartphone with the Duo Mobile App is not an option, you can request a security token at the KU IT Help Center.

  • My Duo Security passcode is not working - Incorrect or Invalid Passcode

    If you received an "Incorrect Passcode" or Invalid Passcode" error when trying to authenticate with your Duo Mobile generated passcode or hardware token, your device may be out of sync.

    To resync your device, try to authenticate with one new passcode on each attempt within a 5 minute period. The first two attempts will generate an "Invalid Passcode". This is expected. On the third attempt you should be successfully authenticated.

  • My Duo Security passcode is not working - Account locked out

    If you receive a message that your account has been locked, this is due to too many attempts being made and your device may be out of sync. Please wait 10 minutes, then try to resync your device.

    To resync your device, try to authenticate with one new passcode on each attempt within a 5 minute period. The first two attempts will generate an "Invalid Passcode". This is expected. On the third attempt you should be successfully authenticated.

Have additional questions?

Let us know how we can help. Contact the KU IT Help Center.